service: Set secret target to secret name
This is a breaking change as it was previously prefixed with service name
This commit is contained in:
uumas
@@ -169,10 +169,10 @@ argument_specs:
|
|||||||
description:
|
description:
|
||||||
- Database type to set up.
|
- Database type to set up.
|
||||||
- >
|
- >
|
||||||
It will be run in a docker container accessible to the service at
|
It will be run in a container accessible to the service at
|
||||||
host {{ service_name }}-{{ service_database_type }} on the default port.
|
host {{ service_name }}-{{ service_database_type }} on the default port.
|
||||||
- The database user will be {{ service_name }}
|
- The database user will be {{ service_name }}
|
||||||
- The password will be accessible as secret at /run/secrets/{{ service_name }}-{{ service_database_type }}
|
- The password will be accessible as secret at /run/secrets/{{ service_database_type }}
|
||||||
- >
|
- >
|
||||||
The password will also be available as the
|
The password will also be available as the
|
||||||
service_podman_secrets['{{ service_name }}-{{ service_database_type }}'] variable.
|
service_podman_secrets['{{ service_name }}-{{ service_database_type }}'] variable.
|
||||||
|
|||||||
@@ -13,8 +13,9 @@
|
|||||||
- "{{ service_name }}"
|
- "{{ service_name }}"
|
||||||
container_secrets:
|
container_secrets:
|
||||||
- name: "{{ _service_database_name }}"
|
- name: "{{ _service_database_name }}"
|
||||||
|
target: "{{ service_database_type }}"
|
||||||
container_env:
|
container_env:
|
||||||
POSTGRES_USER: "{{ service_name | replace('-', '_') }}"
|
POSTGRES_USER: "{{ service_name | replace('-', '_') }}"
|
||||||
POSTGRES_PASSWORD_FILE: "/run/secrets/{{ _service_database_name }}"
|
POSTGRES_PASSWORD_FILE: "/run/secrets/{{ service_database_type }}"
|
||||||
POSTGRES_INITDB_ARGS: "--encoding=UTF-8 --lc-collate=C --lc-ctype=C"
|
POSTGRES_INITDB_ARGS: "--encoding=UTF-8 --lc-collate=C --lc-ctype=C"
|
||||||
container_auto_update: "{{ service_auto_update }}"
|
container_auto_update: "{{ service_auto_update }}"
|
||||||
|
|||||||
@@ -8,13 +8,17 @@ _service_database_name: "{{ service_name }}-{{ service_database_type }}"
|
|||||||
_service_container_secrets: >
|
_service_container_secrets: >
|
||||||
{{
|
{{
|
||||||
service_container_secrets
|
service_container_secrets
|
||||||
| zip(service_container_secrets
|
| map(attribute='name')
|
||||||
| map(attribute='name')
|
| map('community.general.dict_kv', 'target')
|
||||||
| map('regex_replace', '^', service_name ~ '-')
|
| zip(
|
||||||
| map('community.general.dict_kv', 'name')
|
service_container_secrets,
|
||||||
|
service_container_secrets
|
||||||
|
| map(attribute='name')
|
||||||
|
| map('regex_replace', '^', service_name ~ '-')
|
||||||
|
| map('community.general.dict_kv', 'name')
|
||||||
)
|
)
|
||||||
| map('combine')
|
| map('combine')
|
||||||
+ ([{'name': _service_database_name }] if _service_setup_database else [])
|
+ ([{'name': _service_database_name, 'target': service_database_type }] if _service_setup_database else [])
|
||||||
}}
|
}}
|
||||||
|
|
||||||
_service_container_requires: "{{ service_requires + ([_service_database_name + '.service'] if _service_setup_database else []) }}"
|
_service_container_requires: "{{ service_requires + ([_service_database_name + '.service'] if _service_setup_database else []) }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user